home

mksetup.exe

MP3 Karaoke

Accmeware Corporation

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.towerbitscenter.com and multiple other hosts.
Publisher:
Accmeware Corporation

Product:
MP3 Karaoke

Description:
MP3 Karaoke Setup

MD5:
53fbfc8db53b99c04fbfba3bcc83fac4

SHA-1:
8d9c0072765ea09aa93e2a27b957a39b6aa607c7

SHA-256:
cf7a7b3eaa75f4f4113784bc12335f392d16ff09c307f3137c40dee4d0851f5d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:09:04 PM UTC  (today)

File size:
1.7 MB (1,806,681 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mksetup.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:WQiSVB8DdWWq8ZyYFe+Th1fFhxPSh6Q8YDd7Hb7qVDgWA8+btCRCQSHRDeeO9kbC:W9SfkWyytqh1z5ShXt9Hb+gQKCaH9p56

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file mksetup.exe has been seen being distributed by the following 13 URLs.

http://www.towerbitscenter.com/ikYY1Mp67C8OsvQFlU 1WeXnyI3ftCd15en G8y kW0PoowXxRIvTNfU4 y8EEy2ADfRizJeMLhcrmwGc6fo1UonY7iTlL0DFnOKSPQCPeOsH5rEKwmcEJr6xj_rKz7BjiKpYMxMrBZH2VpmusLzuZDF 0ooMrMY29mpJKc_XMZjYTb0XSqa8kCgN NHjoWEHoGNbkmBXHQWqT3lHJt0pL1yEc4J9N9UWCc1wEjFD1xiX4ewF0fU0PZSdFMTl0Cp0wTrcrIZR9XId_AhxCbIfp2Aw5eSMMB3JA1LGdq_uH5UD_TbxVDNCX72lJYNmETiiZf5GMw_HsiyiCqLxfbdXLXU8C7nq4 9SWUzekLdD6zWBM8cUghGG8JBVnviYOK8SoRtepRSySQjwS9VF9Yb3UBGWXtqELDnUvmTr646zx4Lqbp1s39J9A9sDCZOz_IP_2da8C B_GXzediLvokzkv1rUIuLV1hlHqCRrkgk4S_Kpf1fzt9vFdPIpnyogbab5z3WKg2dV_fa_GjPPIb_SurNdO4nw==-GzMAAATKbTFNg6FbxGSIckFQGPMFYSIH7G0JBYa3J7eB3hj8dbzYfBJhTIlI 3Vtbu5toOeJDw==-e

http://www.ranchsendgift.com/iAU3jOSI95Ik Ui015mKlQSxWGayRUZ7WygemPNk0iygs3Bj7Yczz1CmWzdK0B6_NflT8XeAVq8NZANgl01U7mgoO1AZMS9aBaJO8XitkFAraSLVEu3mpUKtXEjakl9dLR7fYcdrXe5sQn8FGCfU0QLsFjAwo0Wl4F3BaiWXMUb4Im4ukXAvc0h0nDQI7KyOlbDN_1A1AbXQ7xpyX6Zts9I44lW2Tg==-GzMAAATKbTFNg6FbxGSIckFQGPMFYSIH7G0JBYa3J7eB3hj8dbzYfBJhTIlI 3Vtbu5toOeJDw==

http://www.ranchsendgift.com/aaVXsNJRV nbaU0aAUjNh7GA7ssra9SxskpAdWar7RKcqEugW1qqYmK2eG0TDpVjx3Szvuii38JipaF0RqqNT5aDcq_RECC8yEwAdNTczizN8vioE3PJ14sUGFh4xQmAZNe4FCKOSrbxEcicd5mhHITlDBjAJEo38F30uxQiltAE4TIxLK eeapFOaRf9Knweo67t2azW HDMechZnsPSljNcBtjhw==-GzMAAATKbTFNg6FbxGSIckFQGPMFYSIH7G0JBYa3J7eB3hj8dbzYfBJhTIlI 3Vtbu5toOeJDw==

http://www.ranchsendgift.com/SoOKRjgWw03MeFa9ZIOW1zxINOdy6YqRnKMqiUOD9eGbexmuhC8sOzpmH8vLeQlVnf7GGB1nN3KvepcfE9bfOGkjGamyYSuRKfNgSabZVE2NkI3ngDOiHXlVIIJ6kPnuRYsG06qf7ewtqK0fE9hMN3OoL1NBnT46kVlBWRcojw85__Vktvzgky1wurlvYFisBgKPXjftGsdGqyZYrdueecXWResSwA==-GzMAAATKbTFNg6FbxGSIckFQGPMFYSIH7G0JBYa3J7eB3hj8dbzYfBJhTIlI 3Vtbu5toOeJDw==

http://www.ranchsendgift.com/PYppXEZtY9KBM6X3dhTs5m2 OMTSnMsM3qRxwKU7LI7d8Xx4ZuccUGTaccsnFOWHKV7sVwprPBGDEJC3AWKfIQdNJRVjGeqZopQLgrhTteS8lwnzQERU RAvrsU0AS_xUXgJmWsmt6lreTBGPu5KIK3nqtcz_QN0C61bhdsO9VK_GBQIx4VAzrObgfeScUfYn_eRkYsxc5CQ9cx0XpiQXByXTl41HA==-GzMAAATKbTFNg6FbxGSIckFQGPMFYSIH7G0JBYa3J7eB3hj8dbzYfBJhTIlI 3Vtbu5toOeJDw==

http://www.ranchsendgift.com/hBeAw2bWo2Gy UUUlLGA1ExBsTKHXDpXd9uLh25Nm63OCO0FjeeUQbAvjOHckOUYjn6vZKP2Ng6TvTvlIUmU7IU8O LH59ef65kRo_HAlh1nncKb4zoK74Z 9Fb87OhJrV5561s2hvH8JkWMngp1x054by5EW6CMZGziv81zdMwc77HBjDdcnkpz0wrgW YCNY72KZ3Sv2eQ9wPVAApcYQV0NrRa46JXRIu0kiVuX3zqfubSoD p_q1EEIm TrmqmrLS80WMn3OV28W4tJJW0KoBNIIrw MHi3NcsLXoScFirPAWZwKeCjA6DybGmSJNd6RYZENIRk_sz7Om_b3c0ybmxGpXG6TFoQfjbHYawLKdlu8MibfSRdohVYpRYIL3drdk37tfP4WqNflOXeqgjT1eTMWD0cIHigqzU53b 20EmjL W7lmSm3dBNNFmrmgvKQV9H8dMljuvXbTn3ktCTdB0wo7UEXoUNcLTdmS5VtpMXgmdUwIoFIQe4TH0l4E h4eUm1JfrGBEWWMhRtZeY6CPy6eIA==-GzMAAATKbTFNg6FbxGSIckFQGPMFYSIH7G0JBYa3J7eB3hj8dbzYfBJhTIlI 3Vtbu5toOeJDw==-e

http://www.towerbitscenter.com/WOguPkfeMdfvGD0JzKdOEe0EELETQIZra2s1Uqm2yS2 PiW_NYpcIKvXws_gnWHsYEDQdZfz9PHCkoNzwb_erHikcMN_UUJnKZjDF8_tYr7HdXAGNnTDY4FeV6lsCUkEJxvTO5koPeHJRIoDRHv1jDazJb9RVhJ8f3gSzL PsDDxI4VLjfeCKUXnjmRYENeb4F_SooD2 KdfeBDoC5 55LzIRpeUq2MDID1IByHjdb874YzQaNESlNsPU2j7gh9sKnaDc JBlg1jexVQtjs4xH7s_Qy0XjyrntzWydtZQcyvcQu_6KBL IzzFQXt2T_2q8_vDPtwgDus_lhGHCznMqV_Jo25PaTAOnj5uGP22wBenTDlAF0VEgBSKp4CwH_fI_LMOES4g82KtT6KgFWj5ZTmUrBRegvm20hwuP7MA9S0NGmgM5faM5_fsiNH1z3vHEW9v0x0M6lTOJnimSKNIEj8cDOLc34XsRzEZuZ2x4YChNt8kTvbKkDYl3e0g4xIzQIKQuNmXWr254E3QKJP2rmUcV4MoQ==-GzMAAATKbTFNg6FbxGSIckFQGPMFYSIH7G0JBYa3J7eB3hj8dbzYfBJhTIlI 3Vtbu5toOeJDw==-e

http://www.ranchsendgift.com/N1cEF6gKiI_QTMRqaiZq0Yr3h3fH4n0zNUEC1ZWrc2 a1pB7mIXJwWGy_bfAiEdKRjAXxntxguVwjxq t59jAj59DGTIQCpSUQiZ6xNI0EDJ9Qkg_qa65PfuwVeZkcHMvcPPpIKcP18hXjmWpvwaLcs2NXj gqb83tOsyEuuAHDBW6D5Sa_N8va7YMQe3d_8pqBLOfGu12OkxaZhNTQPLTreiINNA==-GzMAAATKbTFNg6FbxGSIckFQGPMFYSIH7G0JBYa3J7eB3hj8dbzYfBJhTIlI 3Vtbu5toOeJDw==

http://www.techtudo.com.br/_/software/.../download

http://127.0.0.1:37848/continue?TiCredToken=6962&Source=WTP&URL=http://www.mp3-cutter-splitter.com/.../MKSetup.exe

http://www.shareit.com/affiliate.html?_esd=1&affiliateid=70900&publisherid=200063250&target=http://www.mp3-cutter-splitter.com/.../MKSetup.exe

temp:MKSetup.exe

http://www.mp3-cutter-splitter.com/.../MKSetup.exe

Scan mksetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.